As is known, to securely transmit data from one party to another in a secured communications system, the data needs to be encrypted via an encryption key and an encryption algorithm. Such an encryption algorithm may be a symmetric key algorithm such as the data encryption standard (“DES”) while the encryption key is a corresponding symmetric key. The sending party encrypts the data using the symmetric key algorithm and transmits the encrypted message over a transmission medium to a receiving party. Upon receiving the encrypted message, the receiving decrypts the message using the same symmetric key, which must be transmitted to the receiving party or derived by the receiving party by some appropriate security means.
Encrypting data using public key algorithms is somewhat more expensive than using a symmetric key algorithm, but the cost, in many circumstances, is justified because of the difficulty in securely providing the symmetric key to both parties. To obtain the cost saving benefits of symmetric key encryption and the key distribution advantages of public/private key pairs, a wrapped session key is provided to the receiving party along with the data that is encrypted using the symmetric key. The wrapped session key is the symmetric key that has been encrypted using the public key (of the public/private key pair) of the receiving party. When the receiving party receives the encrypted message, it decrypts the wrapped session key using its private key to recapture the symmetric key. Having recaptured the symmetric key, the receiving party utilizes it to decrypt the message. Typically, symmetric keys are used for a relatively short duration (e.g., a communication, a set number of communications, an hour, a day, a few days, etc.), while encryption public keys are used for longer durations (e.g., a week, a month, a year, or more).
To further enhance security of encrypted data transmissions in the secured communication system, the sending party provides its signature with encrypted messages that it transmits. The signature of the sending party consists of a tag computed as a function of both the data being signed and the signature private key of the sender. The receiving party, using the corresponding signature verification public key of the sending party can validate the signature. To ensure that the receiving party is using an authentic signature public key of the sending party, it obtains a signature public key certificate from a directory or a certification authority. The signature public key certificate includes the signature public key of the sending party and a signature of the certification authority. The receiving party first verifies the signature of the certification authority using a locally stored trusted public key of the certification authority. Once the signature of the certification authority has been verified, the receiving party can trust any message that was signed by the certification authority. Thus, the signature public key certificate that the receiving party obtained is verified and the signature public key of the sending party can be trusted to verify the signature of the sending party of the message.
As one can imagine, in a secured communication system that has several thousand users, keeping track of encryption keys and verification public keys of the end-users is a monumental task. For example, if the secured communication system is utilized by a large corporation which has 100,000 employees, or more, a certification authority needs to maintain accurate information regarding the encryption public key and the signature public key of each of the 100,000, or more, employees of the corporation. As with any large corporation, employees leave the company requiring their public keys to be deleted from the system, new employees are hired requiring new encryption and signature public keys to be issued, and employees lose their private keys requiring new keys to be issued. In the encryption environment, it is not uncommon for a certification authority to have to process several thousand public key updates, issues, and re-issues per day.
When a change to an end-user's public key occurs, the other end-users need to be informed of the change such that the end-user whose public key was changed can participate in secure communications. To inform the other end-users of the change, the certification authority issues a certificate revocation list and update messages. The certificate revocation list indicates the public keys that have been revoked, while the update messages indicates newly issued public keys and changed public keys. Typically, the certification authority will issue the update messages and revocation list on a daily basis, or even less frequently.
As mentioned for a relatively large secure communication system, thousands of public key changes may occur on a daily basis. To a typical end-user, however, only a few dozen, or less, public key changes will be of interest. Thus, even though a particular end-user may only be interested in a few dozen public key certificate changes, it receives the complete revocation list and the update messages. To transmit the revocation list and update messages to tens of thousands of end-users creates a large amount of data traffic that degrades the overall efficiency of the overall secured communication system.
In addition to the large of amount of data that is being transmitting, the revocation list and the update messages include data that is up to twenty-four hours old. As such, end-users identified in the update messages are unable to receive encrypted messages for almost a day. In many secured communication systems, such a lapse of secure communication service is unacceptable. Therefore, a need exists for a method and apparatus that provides an end-user with public key certificate updates and revocations regarding other end-users of interest without the data bandwidth requirements of the above mentioned revocation list and update messages.